
enum role       # 角色
    user        # 注册用户
    admin       # 管理员
----

entity user     # 用户
    field
        seq         serial      # 登录令牌的序号
        username    text        # 用户名
        credential  text        # 加盐哈希过的密码
        role        role        # 角色（权限）
        name        text        # 姓名
        phone       text        # 手机号码或电话号码
    ----

    constraint
        (seq)
        (username credential)
        [ username == "" xor credential == "" ]
        [ length(credential) == 64 ] bcrypt     # bcrypt 哈希长度为 64
    ----

    function
        !add(username credential role name phone)   [admin]
            insert (*)
        ----

        !register(username credential name phone)
            insert (* role=user)
        ----

        login(username password) -> (token) # token 中含有 blah blah
            select (seq credential role name phone) by (username)
            java
                if (!check_password(credential, password))
                    throw new failure("denied");
                String token = make_token(seq);
            ----
        ----

        &from-seq(seq) -> (user)    []      # 登录时从登录令牌中的令牌序号取用户
            select (user) by (seq)
        ---

        revoke(user)       []
            update (seq) by (user)
        ----

        modify-password(user *password)      []
            call revoke (user)
            update (password) by (user)
        ----


        modify-name(user name)      []
            update (name) by (user)
        ----

        modify-phone(user phone)    []
            update (phone) by (user)
        ----

        remove-self($user)  []
            delete by (user)
        ----

        remove(user)  [admin]
            delete by (user)
        ----
    ----
----

entity message
    field
        content text        # 留言内容
        author  user        # 留言发布者
        date    timestamp   # 发布日期
    ----
----

